I'm looking for a possible security hole in one of my PHP scripts and was wondering if there is a comprehensive "to-do" list for securing web scripts. I've found a few on Google, but they don't include certain hacks like XSS attacks. Are there any you would recommend? Thanks, Tony